Navazovani TLS spojeni
Napsal: 17 pro 2019 17:40
Dobry den, nelze se mi pripojit a stranky www.atlas.cz hlasi ze navazuje tls spojeni a po chvilce vyskoci vyprsel cas spojeni.
dekuji za pomoc Zdenek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by holan (17-12-2019 17:33:40)
Running from C:\Users\holan\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-08-22 16:17:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1020508210-677974173-4055440659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1020508210-677974173-4055440659-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1020508210-677974173-4055440659-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1020508210-677974173-4055440659-501 - Limited - Disabled)
holan (S-1-5-21-1020508210-677974173-4055440659-1001 - Administrator - Enabled) => C:\Users\holan
HomeGroupUser$ (S-1-5-21-1020508210-677974173-4055440659-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1020508210-677974173-4055440659-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{2999BC6A-8EF9-2281-33EB-10FD4822078F}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CDF59444-633F-EFF0-ABBD-99DA67E04273}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{74D8A73F-E3EF-6691-4216-274658AE4349}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{9CBC649D-0452-A63D-A523-FF8DCFE4556E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{5BBA9BFD-9C57-38F7-2055-745C64CF740C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{4348DDBB-D1F4-E8B4-BCA3-03CA6E10C782}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{77AB3ADA-47D1-A1C8-C2C4-FC524D2F52DC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{34BE4C3B-E9B4-C362-4FFE-1A7B91D8AB3E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EE63D5CD-2A9D-99A4-28C3-480678FB52FC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{B310214A-F44A-762F-B2CD-C5DD7CBA5F30}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{11E71CF4-6BB7-E314-B3EE-0D4BAD949321}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A852482E-E376-B3BB-6717-8993EF74F134}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D60F3E93-72D6-ADE1-E7C1-842CD828A47A}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{6EA40B6E-0EC9-B8AE-F0A2-738AE5ADED5C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7E3CDECC-B7B2-6E53-CAE3-5F8C8565C269}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD709202-55BA-4093-C8B7-85E472690CA7}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DDC725DE-EFB4-6A2C-21BD-3F2B69E44DD9}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{97223B2C-6406-BAA1-DE99-53D0447BD7C8}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{77C4E164-2FBB-AD94-124E-DFA7846F091C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{CB8AA16C-EB11-B27E-CB0E-CE015C5F85E4}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{D4DD8F3F-3FC2-FC5B-2E4D-3C86C1B402FA}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FortiClient (HKLM\...\{C8080F10-F9D9-42C8-81AF-C6DB77E66BFD}) (Version: 5.4.3.0870 - Fortinet Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.14.49.15 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Macrium Reflect Free Edition (HKLM\...\{EECDC759-7352-4869-8E68-D1C99AB5862B}) (Version: 7.2.4228 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Manager (HKLM-x32\...\{218A9668-3355-48AA-BFE5-6957CA4A5A4C}) (Version: 5.0.22.32425 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-07-09] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-15] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-05-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.0.9_x86__h6adky7gbf63m [2019-12-04] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1020508210-677974173-4055440659-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-10-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2019-12-15 17:02 - 2019-12-15 17:02 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\73d34090e18bd2a5d6ca6e9445d05751\Interop.IWshRuntimeLibrary.ni.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000548882 _____ () [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2009-10-15 17:43 - 2009-10-15 17:43 - 000240128 _____ () [File not signed] C:\Program Files (x86)\HP\HP UT LEDM\bin\LEDMMapperObjects.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000061440 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000964096 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-15 16:57 - 2019-12-15 16:57 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\b78bf3c49590fd80333bbb2358c330d8\BRIDGECommon.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\92d42784d24a7d8bcd50a53f81c935c5\BridgeExtension.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\ce11f736737457d8963e07d42b0de6b6\CleanStartController.ni.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2017-03-08 15:10 - 2017-03-08 15:10 - 000145426 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiSkin.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000280082 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiTrayResc.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000061458 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\libcfg.dll
2017-03-08 15:09 - 2017-03-08 15:09 - 000433170 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sslvpnlib.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000739346 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\utilsdll.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\90ef9eec75f5c70a3eb88b1b76cbf21c\Hardcodet.Wpf.TaskbarNotification.ni.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\6c7b9bac033da80dc93ba532b37b6ae8\CommonPortable.ni.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2019-12-15 17:02 - 2019-12-15 17:02 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\3e339fdd0ff8a301cca4ed76ecf8fb94\NAudio.ni.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\c9e29742d37172af77ab1897076e91ef\Newtonsoft.Json.ni.dll
2017-05-04 15:23 - 2017-05-04 15:23 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\4aa22377093c96a03b2bb88f1818b1f5\log4net.ni.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\holan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a4a926d4-1a7d-454d-9a7c-372b33751412}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (disabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F9444EE4-1AD1-4A65-A1EC-0F197A5C32AA}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{25B9A532-938A-4E1E-A153-3AB58DA97C5B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{3E675955-DD28-43B5-AE99-39EF26DDB9E8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{D1222993-6A4D-49A5-BA94-EBA40C8535F6}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{7AA62530-C858-4619-A041-91AB168E4F7E}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{B4DC785A-0E29-455C-8A75-3CCCDE55711A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
17-12-2019 17:18:41 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/17/2019 05:30:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4456,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/17/2019 05:23:41 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/17/2019 05:18:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/17/2019 05:18:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (12/17/2019 05:14:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3972, identifikátor PID ProfSvc: 1288.
Error: (12/17/2019 05:13:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/17/2019 05:04:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2032,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/17/2019 04:56:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
System errors:
=============
Error: (12/17/2019 05:24:55 PM) (Source: DCOM) (EventID: 10000) (User: HOLANOVA-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/17/2019 05:21:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (12/17/2019 05:20:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Server byla ukončena s následující chybou:
Probíhá vypnutí systému.
Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (12/17/2019 05:20:24 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14333) (User: NT AUTHORITY)
Description: Služba WMPNetworkSvc nebyla spuštěna správně v důsledku chyby 0x8007045b. Restartujte počítač a potom se pokuste restartovat službu.
Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.
Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.
CodeIntegrity:
===================================
Date: 2019-12-17 17:25:52.358
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:25:52.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:25:52.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:24:41.719
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.708
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.695
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.671
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.24 06/15/2017
Motherboard: HP 82F6
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3551.12 MB
Available physical RAM: 1059.67 MB
Total Virtual: 4511.12 MB
Available Virtual: 1677.97 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:71.88 GB) NTFS
Drive e: (Nový svazek) (Removable) (Total:29.51 GB) (Free:29.36 GB) NTFS
\\?\Volume{5b9bdd0b-ec15-4779-a401-2b9362911f95}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.42 GB) NTFS
\\?\Volume{87739e91-7c0f-4b2f-bde7-65f4d424b069}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 29D6C95B)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 29.5 GB) (Disk ID: 0000755F)
Partition 1: (Active) - (Size=29.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by holan (administrator) on HOLANOVA-NB (HP HP 255 G5 Notebook PC) (17-12-2019 17:31:13)
Running from C:\Users\holan\Desktop
Loaded Profiles: holan (Available Profiles: defaultuser0 & holan)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\fcappdb.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiWF.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5631720 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-01]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0411F3C8-BCA1-4336-A065-8C9107C349DC} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {106A10DF-166D-4D1D-9415-92286EC14653} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {2C39E608-DD7A-4B04-B9D0-D3FF70D3FB34} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3492AB39-CC58-4E7D-BAA3-51500580E0D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3B844EFA-0FEC-4918-BE09-A9BC22200B58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42A0582A-41A2-4A5B-8E11-0B9083A29C43} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4674F210-DCDF-4BC5-BEAF-6A81687448C1} - System32\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {51ACFEBE-F040-44D9-B86D-CAFE7372BE6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5ADA6A56-465F-4D30-A867-C70DA18D1FDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {65822254-CA6F-4D26-8B5F-3FDA30A11B87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {69465485-2EAD-4C6F-AE57-DB187CB6AB50} - System32\Tasks\HPCeeScheduleForholan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {6FBECB94-A6CF-4AA9-97AC-A8549AD12695} - System32\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7175B9DD-817F-44EE-9124-506504083D92} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {71A4ED18-DEA9-45F1-8095-ADCCC8768DA6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {78CD47A9-F00F-4D7B-B56A-950DA6A974C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7F3389D5-3ED5-429F-BA78-AFBD7EF04F19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B2A5214-5C05-4FCD-B56C-BF85041D76FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9862517D-3F7D-48C2-ACEA-27E460E49821} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {AF273ACD-E955-4CFD-AD99-8262CE317377} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B52D36-1DD5-47FA-A638-2AC988DE7D8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\windows\TEMP\sp81110.exe <==== ATTENTION
Task: {C72FB0F2-DFEA-4F7A-8712-D7D3F3A37C41} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {C9B9C86B-9E4E-4394-974B-B3B55345D18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {E2C857F8-5D14-4C45-8B53-B35FCC3F0F7A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7D8C3DA-8ADA-478F-887A-D7F8625592D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {EB1E8BB3-301B-424E-A7AF-75B3BF0D9444} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F15EAF29-7B60-43AA-9CBD-57B15A87EA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {FC0F3CAF-35D2-483D-995F-1178C92ADA7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForholan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{baa30312-1932-46db-b9bc-3fdd43fc5b5b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5583a56-897b-48d4-88d1-481da64edd90}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1020508210-677974173-4055440659-1001 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\holan\Downloads
FireFox:
========
FF DefaultProfile: eguph9hn.default-1576508529644
FF ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644 [2019-12-17]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-17]
Chrome:
=======
CHR Profile: C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default [2019-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-10-06] (Advanced Micro Devices, Inc. -> )
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295840 2016-10-17] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [119826 2017-03-08] (Fortinet Inc.) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5462864 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (pdfforge GmbH -> © pdfforge GmbH.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmdag.sys [26565648 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmpag.sys [527264 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87856 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-14] (ESET, spol. s r.o. -> ESET)
R3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [45792 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [37456 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R0 fortiloader; C:\WINDOWS\System32\drivers\fortiloader.sys [12368 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 fortimon3; C:\WINDOWS\System32\drivers\fortimon3.sys [45648 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 FortiRdr; C:\WINDOWS\System32\drivers\FortiRdr2.sys [47184 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [85072 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 FortiWF; C:\WINDOWS\System32\drivers\FortiWF2.sys [33360 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [71928 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-17 17:31 - 2019-12-17 17:32 - 000029699 _____ C:\Users\holan\Desktop\FRST.txt
2019-12-17 17:30 - 2019-12-17 17:31 - 000000000 ____D C:\FRST
2019-12-17 17:27 - 2019-12-17 17:29 - 000000000 ____D C:\rsit
2019-12-17 17:27 - 2019-12-17 17:27 - 000000000 ____D C:\Program Files\trend micro
2019-12-17 17:25 - 2019-12-17 17:12 - 002264064 _____ (Farbar) C:\Users\holan\Desktop\FRST64.exe
2019-12-17 17:25 - 2019-12-17 17:12 - 001222144 _____ C:\Users\holan\Desktop\RSITx64.exe
2019-12-17 17:23 - 2019-12-17 17:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-17 17:23 - 2019-12-17 17:23 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-17 17:23 - 2019-12-17 17:23 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\Program Files\CCleaner
2019-12-17 17:22 - 2019-12-17 17:22 - 000000000 ___HD C:\OneDriveTemp
2019-12-17 17:08 - 2019-12-17 17:08 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-17 16:43 - 2019-12-17 16:43 - 000000000 ___HD C:\$SysReset
2019-12-17 16:40 - 2019-12-17 17:22 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 17:22 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 16:40 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-17 16:40 - 2019-12-17 16:40 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Users\holan\AppData\Local\Google
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-17 16:39 - 2019-12-17 16:39 - 001397976 _____ (Google LLC) C:\Users\holan\Downloads\ChromeSetup.exe
2019-12-16 19:37 - 2019-12-17 12:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-16 19:36 - 2019-12-17 12:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-16 19:36 - 2019-12-16 19:36 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-15 18:41 - 2019-12-15 18:41 - 000054607 _____ C:\Users\holan\Downloads\vypis-458407.pdf
2019-11-20 07:42 - 2019-11-20 07:42 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-17 17:27 - 2019-08-22 17:06 - 001842076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-17 17:27 - 2019-03-19 12:55 - 000752246 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-17 17:27 - 2019-03-19 12:55 - 000162686 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-17 17:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-17 17:22 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-17 17:22 - 2017-05-03 17:46 - 000000000 ___RD C:\Users\holan\OneDrive
2019-12-17 17:21 - 2019-08-22 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-17 17:21 - 2017-09-29 16:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-12-17 17:21 - 2017-05-03 20:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-17 17:20 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-17 17:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-17 17:14 - 2019-08-22 16:53 - 000416488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-17 17:02 - 2017-05-03 19:49 - 000000000 ____D C:\Users\holan\AppData\LocalLow\Mozilla
2019-12-17 16:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-17 16:36 - 2017-05-10 11:52 - 000000000 ____D C:\Users\holan\Desktop\Export DPH
2019-12-17 16:30 - 2017-05-10 11:41 - 000000000 ____D C:\Centura
2019-12-17 14:54 - 2019-08-22 16:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-16 21:50 - 2017-05-12 11:45 - 000000000 ____D C:\Users\holan\Desktop\Import dat
2019-12-16 19:37 - 2017-05-04 15:03 - 000000000 ____D C:\Users\holan\AppData\Local\Adobe
2019-12-16 19:36 - 2017-05-04 15:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-12-16 18:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-16 16:47 - 2019-08-11 09:43 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForholan.job
2019-12-16 16:07 - 2019-08-11 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-16 16:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-16 16:07 - 2017-05-04 15:23 - 000000000 ____D C:\Program Files\PDFCreator
2019-12-16 16:06 - 2019-05-05 10:06 - 000000000 ____D C:\TEMP
2019-12-16 16:02 - 2017-05-03 19:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-16 15:55 - 2019-08-22 17:16 - 000003248 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForholan
2019-12-15 16:39 - 2017-08-12 09:41 - 000000000 ___RD C:\Users\holan\3D Objects
2019-12-15 16:39 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-15 01:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:49 - 2017-05-03 18:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-14 10:49 - 2016-10-22 10:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 10:46 - 2017-05-03 18:57 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 10:28 - 2017-11-07 09:19 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-11-27 11:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2019-11-20 08:28 - 2017-05-03 20:14 - 000002242 ____H C:\Users\holan\OneDrive\Dokumenty\Default.rdp
2019-11-20 07:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-11-19 13:15 - 2019-08-22 17:16 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020508210-677974173-4055440659-1001
2019-11-19 13:15 - 2019-08-22 17:00 - 000002410 _____ C:\Users\holan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-05-05 07:50 - 2019-05-05 07:50 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.1.01.agreement
2019-05-05 07:50 - 2019-05-05 07:54 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.sourcedisk.index
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
dekuji za pomoc Zdenek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by holan (17-12-2019 17:33:40)
Running from C:\Users\holan\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-08-22 16:17:05)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1020508210-677974173-4055440659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1020508210-677974173-4055440659-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1020508210-677974173-4055440659-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1020508210-677974173-4055440659-501 - Limited - Disabled)
holan (S-1-5-21-1020508210-677974173-4055440659-1001 - Administrator - Enabled) => C:\Users\holan
HomeGroupUser$ (S-1-5-21-1020508210-677974173-4055440659-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1020508210-677974173-4055440659-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{2999BC6A-8EF9-2281-33EB-10FD4822078F}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CDF59444-633F-EFF0-ABBD-99DA67E04273}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{74D8A73F-E3EF-6691-4216-274658AE4349}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{9CBC649D-0452-A63D-A523-FF8DCFE4556E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{5BBA9BFD-9C57-38F7-2055-745C64CF740C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{4348DDBB-D1F4-E8B4-BCA3-03CA6E10C782}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{77AB3ADA-47D1-A1C8-C2C4-FC524D2F52DC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{34BE4C3B-E9B4-C362-4FFE-1A7B91D8AB3E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EE63D5CD-2A9D-99A4-28C3-480678FB52FC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{B310214A-F44A-762F-B2CD-C5DD7CBA5F30}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{11E71CF4-6BB7-E314-B3EE-0D4BAD949321}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A852482E-E376-B3BB-6717-8993EF74F134}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D60F3E93-72D6-ADE1-E7C1-842CD828A47A}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{6EA40B6E-0EC9-B8AE-F0A2-738AE5ADED5C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7E3CDECC-B7B2-6E53-CAE3-5F8C8565C269}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD709202-55BA-4093-C8B7-85E472690CA7}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DDC725DE-EFB4-6A2C-21BD-3F2B69E44DD9}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{97223B2C-6406-BAA1-DE99-53D0447BD7C8}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{77C4E164-2FBB-AD94-124E-DFA7846F091C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{CB8AA16C-EB11-B27E-CB0E-CE015C5F85E4}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{D4DD8F3F-3FC2-FC5B-2E4D-3C86C1B402FA}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FortiClient (HKLM\...\{C8080F10-F9D9-42C8-81AF-C6DB77E66BFD}) (Version: 5.4.3.0870 - Fortinet Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.14.49.15 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Macrium Reflect Free Edition (HKLM\...\{EECDC759-7352-4869-8E68-D1C99AB5862B}) (Version: 7.2.4228 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Manager (HKLM-x32\...\{218A9668-3355-48AA-BFE5-6957CA4A5A4C}) (Version: 5.0.22.32425 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-07-09] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-15] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-05-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.0.9_x86__h6adky7gbf63m [2019-12-04] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1020508210-677974173-4055440659-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-10-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2019-12-15 17:02 - 2019-12-15 17:02 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\73d34090e18bd2a5d6ca6e9445d05751\Interop.IWshRuntimeLibrary.ni.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000548882 _____ () [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2009-10-15 17:43 - 2009-10-15 17:43 - 000240128 _____ () [File not signed] C:\Program Files (x86)\HP\HP UT LEDM\bin\LEDMMapperObjects.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000061440 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000964096 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-15 16:57 - 2019-12-15 16:57 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\b78bf3c49590fd80333bbb2358c330d8\BRIDGECommon.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\92d42784d24a7d8bcd50a53f81c935c5\BridgeExtension.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\ce11f736737457d8963e07d42b0de6b6\CleanStartController.ni.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2017-03-08 15:10 - 2017-03-08 15:10 - 000145426 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiSkin.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000280082 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiTrayResc.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000061458 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\libcfg.dll
2017-03-08 15:09 - 2017-03-08 15:09 - 000433170 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sslvpnlib.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000739346 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\utilsdll.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\90ef9eec75f5c70a3eb88b1b76cbf21c\Hardcodet.Wpf.TaskbarNotification.ni.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\6c7b9bac033da80dc93ba532b37b6ae8\CommonPortable.ni.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2019-12-15 17:02 - 2019-12-15 17:02 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\3e339fdd0ff8a301cca4ed76ecf8fb94\NAudio.ni.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\c9e29742d37172af77ab1897076e91ef\Newtonsoft.Json.ni.dll
2017-05-04 15:23 - 2017-05-04 15:23 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\4aa22377093c96a03b2bb88f1818b1f5\log4net.ni.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\holan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a4a926d4-1a7d-454d-9a7c-372b33751412}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (disabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F9444EE4-1AD1-4A65-A1EC-0F197A5C32AA}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{25B9A532-938A-4E1E-A153-3AB58DA97C5B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{3E675955-DD28-43B5-AE99-39EF26DDB9E8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{D1222993-6A4D-49A5-BA94-EBA40C8535F6}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{7AA62530-C858-4619-A041-91AB168E4F7E}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{B4DC785A-0E29-455C-8A75-3CCCDE55711A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
17-12-2019 17:18:41 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/17/2019 05:30:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4456,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/17/2019 05:23:41 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/17/2019 05:18:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (12/17/2019 05:18:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (12/17/2019 05:14:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3972, identifikátor PID ProfSvc: 1288.
Error: (12/17/2019 05:13:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (12/17/2019 05:04:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2032,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (12/17/2019 04:56:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
System errors:
=============
Error: (12/17/2019 05:24:55 PM) (Source: DCOM) (EventID: 10000) (User: HOLANOVA-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/17/2019 05:21:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (12/17/2019 05:20:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Server byla ukončena s následující chybou:
Probíhá vypnutí systému.
Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.
Error: (12/17/2019 05:20:24 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14333) (User: NT AUTHORITY)
Description: Služba WMPNetworkSvc nebyla spuštěna správně v důsledku chyby 0x8007045b. Restartujte počítač a potom se pokuste restartovat službu.
Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.
Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.
CodeIntegrity:
===================================
Date: 2019-12-17 17:25:52.358
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:25:52.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:25:52.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2019-12-17 17:24:41.719
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.708
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.695
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-17 17:24:41.671
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.24 06/15/2017
Motherboard: HP 82F6
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3551.12 MB
Available physical RAM: 1059.67 MB
Total Virtual: 4511.12 MB
Available Virtual: 1677.97 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:71.88 GB) NTFS
Drive e: (Nový svazek) (Removable) (Total:29.51 GB) (Free:29.36 GB) NTFS
\\?\Volume{5b9bdd0b-ec15-4779-a401-2b9362911f95}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.42 GB) NTFS
\\?\Volume{87739e91-7c0f-4b2f-bde7-65f4d424b069}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 29D6C95B)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 29.5 GB) (Disk ID: 0000755F)
Partition 1: (Active) - (Size=29.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by holan (administrator) on HOLANOVA-NB (HP HP 255 G5 Notebook PC) (17-12-2019 17:31:13)
Running from C:\Users\holan\Desktop
Loaded Profiles: holan (Available Profiles: defaultuser0 & holan)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\fcappdb.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiWF.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5631720 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-01]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0411F3C8-BCA1-4336-A065-8C9107C349DC} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {106A10DF-166D-4D1D-9415-92286EC14653} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {2C39E608-DD7A-4B04-B9D0-D3FF70D3FB34} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3492AB39-CC58-4E7D-BAA3-51500580E0D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3B844EFA-0FEC-4918-BE09-A9BC22200B58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42A0582A-41A2-4A5B-8E11-0B9083A29C43} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4674F210-DCDF-4BC5-BEAF-6A81687448C1} - System32\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {51ACFEBE-F040-44D9-B86D-CAFE7372BE6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5ADA6A56-465F-4D30-A867-C70DA18D1FDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {65822254-CA6F-4D26-8B5F-3FDA30A11B87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {69465485-2EAD-4C6F-AE57-DB187CB6AB50} - System32\Tasks\HPCeeScheduleForholan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {6FBECB94-A6CF-4AA9-97AC-A8549AD12695} - System32\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7175B9DD-817F-44EE-9124-506504083D92} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {71A4ED18-DEA9-45F1-8095-ADCCC8768DA6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {78CD47A9-F00F-4D7B-B56A-950DA6A974C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7F3389D5-3ED5-429F-BA78-AFBD7EF04F19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B2A5214-5C05-4FCD-B56C-BF85041D76FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9862517D-3F7D-48C2-ACEA-27E460E49821} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {AF273ACD-E955-4CFD-AD99-8262CE317377} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B52D36-1DD5-47FA-A638-2AC988DE7D8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\windows\TEMP\sp81110.exe <==== ATTENTION
Task: {C72FB0F2-DFEA-4F7A-8712-D7D3F3A37C41} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {C9B9C86B-9E4E-4394-974B-B3B55345D18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {E2C857F8-5D14-4C45-8B53-B35FCC3F0F7A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7D8C3DA-8ADA-478F-887A-D7F8625592D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {EB1E8BB3-301B-424E-A7AF-75B3BF0D9444} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F15EAF29-7B60-43AA-9CBD-57B15A87EA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {FC0F3CAF-35D2-483D-995F-1178C92ADA7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForholan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{baa30312-1932-46db-b9bc-3fdd43fc5b5b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5583a56-897b-48d4-88d1-481da64edd90}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1020508210-677974173-4055440659-1001 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\holan\Downloads
FireFox:
========
FF DefaultProfile: eguph9hn.default-1576508529644
FF ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644 [2019-12-17]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-17]
Chrome:
=======
CHR Profile: C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default [2019-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-10-06] (Advanced Micro Devices, Inc. -> )
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295840 2016-10-17] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [119826 2017-03-08] (Fortinet Inc.) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5462864 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (pdfforge GmbH -> © pdfforge GmbH.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmdag.sys [26565648 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmpag.sys [527264 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87856 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-14] (ESET, spol. s r.o. -> ESET)
R3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [45792 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [37456 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R0 fortiloader; C:\WINDOWS\System32\drivers\fortiloader.sys [12368 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 fortimon3; C:\WINDOWS\System32\drivers\fortimon3.sys [45648 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 FortiRdr; C:\WINDOWS\System32\drivers\FortiRdr2.sys [47184 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [85072 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 FortiWF; C:\WINDOWS\System32\drivers\FortiWF2.sys [33360 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [71928 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-17 17:31 - 2019-12-17 17:32 - 000029699 _____ C:\Users\holan\Desktop\FRST.txt
2019-12-17 17:30 - 2019-12-17 17:31 - 000000000 ____D C:\FRST
2019-12-17 17:27 - 2019-12-17 17:29 - 000000000 ____D C:\rsit
2019-12-17 17:27 - 2019-12-17 17:27 - 000000000 ____D C:\Program Files\trend micro
2019-12-17 17:25 - 2019-12-17 17:12 - 002264064 _____ (Farbar) C:\Users\holan\Desktop\FRST64.exe
2019-12-17 17:25 - 2019-12-17 17:12 - 001222144 _____ C:\Users\holan\Desktop\RSITx64.exe
2019-12-17 17:23 - 2019-12-17 17:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-17 17:23 - 2019-12-17 17:23 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-17 17:23 - 2019-12-17 17:23 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\Program Files\CCleaner
2019-12-17 17:22 - 2019-12-17 17:22 - 000000000 ___HD C:\OneDriveTemp
2019-12-17 17:08 - 2019-12-17 17:08 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-17 16:43 - 2019-12-17 16:43 - 000000000 ___HD C:\$SysReset
2019-12-17 16:40 - 2019-12-17 17:22 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 17:22 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 16:40 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-17 16:40 - 2019-12-17 16:40 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Users\holan\AppData\Local\Google
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-17 16:39 - 2019-12-17 16:39 - 001397976 _____ (Google LLC) C:\Users\holan\Downloads\ChromeSetup.exe
2019-12-16 19:37 - 2019-12-17 12:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-16 19:36 - 2019-12-17 12:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-16 19:36 - 2019-12-16 19:36 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-15 18:41 - 2019-12-15 18:41 - 000054607 _____ C:\Users\holan\Downloads\vypis-458407.pdf
2019-11-20 07:42 - 2019-11-20 07:42 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-17 17:27 - 2019-08-22 17:06 - 001842076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-17 17:27 - 2019-03-19 12:55 - 000752246 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-17 17:27 - 2019-03-19 12:55 - 000162686 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-17 17:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-17 17:22 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-17 17:22 - 2017-05-03 17:46 - 000000000 ___RD C:\Users\holan\OneDrive
2019-12-17 17:21 - 2019-08-22 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-17 17:21 - 2017-09-29 16:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-12-17 17:21 - 2017-05-03 20:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-17 17:20 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-17 17:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-17 17:14 - 2019-08-22 16:53 - 000416488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-17 17:02 - 2017-05-03 19:49 - 000000000 ____D C:\Users\holan\AppData\LocalLow\Mozilla
2019-12-17 16:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-17 16:36 - 2017-05-10 11:52 - 000000000 ____D C:\Users\holan\Desktop\Export DPH
2019-12-17 16:30 - 2017-05-10 11:41 - 000000000 ____D C:\Centura
2019-12-17 14:54 - 2019-08-22 16:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-16 21:50 - 2017-05-12 11:45 - 000000000 ____D C:\Users\holan\Desktop\Import dat
2019-12-16 19:37 - 2017-05-04 15:03 - 000000000 ____D C:\Users\holan\AppData\Local\Adobe
2019-12-16 19:36 - 2017-05-04 15:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-12-16 18:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-16 16:47 - 2019-08-11 09:43 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForholan.job
2019-12-16 16:07 - 2019-08-11 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-16 16:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-16 16:07 - 2017-05-04 15:23 - 000000000 ____D C:\Program Files\PDFCreator
2019-12-16 16:06 - 2019-05-05 10:06 - 000000000 ____D C:\TEMP
2019-12-16 16:02 - 2017-05-03 19:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-16 15:55 - 2019-08-22 17:16 - 000003248 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForholan
2019-12-15 16:39 - 2017-08-12 09:41 - 000000000 ___RD C:\Users\holan\3D Objects
2019-12-15 16:39 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-15 01:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:49 - 2017-05-03 18:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-14 10:49 - 2016-10-22 10:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 10:46 - 2017-05-03 18:57 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 10:28 - 2017-11-07 09:19 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-11-27 11:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2019-11-20 08:28 - 2017-05-03 20:14 - 000002242 ____H C:\Users\holan\OneDrive\Dokumenty\Default.rdp
2019-11-20 07:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-11-19 13:15 - 2019-08-22 17:16 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020508210-677974173-4055440659-1001
2019-11-19 13:15 - 2019-08-22 17:00 - 000002410 _____ C:\Users\holan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2019-05-05 07:50 - 2019-05-05 07:50 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.1.01.agreement
2019-05-05 07:50 - 2019-05-05 07:54 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.sourcedisk.index
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================